CVE detail
CVE-2026-20182: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
Source: CISA Known Exploited Vulnerabilities catalog · back to feed
Vendor / product
Cisco · Catalyst SD-WAN
- Date added (KEV)
- May 14, 2026
- CISA due date
- May 17, 2026
- Ransomware campaign use
- Unknown
Required action
Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlined in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
Vendor fix: Vendor advisory
Scorifya interpretation
AI-generatedA short, structured read of the record above — generated when this page first loads, then cached for a week.
Plain English
Technical detail
From CISA
Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.
CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW ; https://nvd.nist.gov/vuln/detail/CVE-2026-20182
References
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SWVendor Advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZkNot Applicable
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20182US Government Resource
Other recent CVEs from Cisco
- CVE-2026-20122Catalyst SD-WAN Manger — Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability
- CVE-2026-20128Catalyst SD-WAN Manager — Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability
- CVE-2026-20133Catalyst SD-WAN Manager — Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
- CVE-2026-20131Secure Firewall Management Center (FMC) — Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability
- CVE-2022-20775SD-WAN — Cisco SD-WAN Path Traversal Vulnerability
Check your domain's public posture
Scorifya doesn't test for specific CVEs, but if patching Cisco changed your headers or TLS, a fresh hardening scan helps confirm nothing regressed externally.